authorJeremy Benoist <jeremy.benoist@gmail.com>2018-12-02 12:43:05 +0100
committerJeremy Benoist <jeremy.benoist@gmail.com>2019-01-23 13:28:02 +0100
commita6b242a1fd6f8900d80354361449f1bf62506ef9 (patch)
treef69d87208d0ebbdb8517529582280b174af74a16 /src/Wallabag/UserBundle/Controller
parentacd4412080dfb73ecaa7f9983728d1d55bc27ea4 (diff)
Enable OTP 2FA
- Update SchebTwoFactorBundle to version 3 - Enable Google 2FA on the bundle - Disallow using both email and Google as 2FA at the same time - Update Ocramius Proxy Manager to handle typed functions & attributes (from PHP 7) - use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add` - update admin to be able to create/reset the 2FA
Diffstat (limited to 'src/Wallabag/UserBundle/Controller')
-rw-r--r--src/Wallabag/UserBundle/Controller/ManageController.php67
1 files changed, 57 insertions, 10 deletions
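--- a/src/Wallabag/UserBundle/Controller/ManageController.php
+++ b/src/Wallabag/UserBundle/Controller/ManageController.php
@@ -8,6 +8,7 @@ use Pagerfanta\Adapter\DoctrineORMAdapter;
 use Pagerfanta\Exception\OutOfRangeCurrentPageException;
 use Pagerfanta\Pagerfanta;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
 use Wallabag\UserBundle\Entity\User;
@@ -31,10 +32,10 @@ class ManageController extends Controller
 // enable created user by default
 $user->setEnabled(true);
 
-$form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user);
-$form->handleRequest($request);
+$form = $this->createEditForm('NewUserType', $user, $request);
 
 if ($form->isSubmitted() && $form->isValid()) {
+$user = $this->handleOtp($form, $user);
 $userManager->updateUser($user);
 
 // dispatch a created event so the associated config will be created
@@ -62,14 +63,14 @@ class ManageController extends Controller
 */
 public function editAction(Request $request, User $user)
 {
+$userManager = $this->container->get('fos_user.user_manager');
+
 $deleteForm = $this->createDeleteForm($user);
-$editForm = $this->createForm('Wallabag\UserBundle\Form\UserType', $user);
-$editForm->handleRequest($request);
+$form = $this->createEditForm('UserType', $user, $request);
 
-if ($editForm->isSubmitted() && $editForm->isValid()) {
-$em = $this->getDoctrine()->getManager();
-$em->persist($user);
-$em->flush();
+if ($form->isSubmitted() && $form->isValid()) {
+$user = $this->handleOtp($form, $user);
+$userManager->updateUser($user);
 
 $this->get('session')->getFlashBag()->add(
 'notice',
@@ -81,7 +82,7 @@ class ManageController extends Controller
 
 return $this->render('WallabagUserBundle:Manage:edit.html.twig', [
 'user' => $user,
-'edit_form' => $editForm->createView(),
+'edit_form' => $form->createView(),
 'delete_form' => $deleteForm->createView(),
 'twofactor_auth' => $this->getParameter('twofactor_auth'),
 ]);
@@ -157,7 +158,7 @@ class ManageController extends Controller
 }
 
 /**
-* Creates a form to delete a User entity.
+* Create a form to delete a User entity.
 *
 * @param User $user The User entity
 *
@@ -171,4 +172,50 @@ class ManageController extends Controller
 ->getForm()
 ;
 }
+
+/**
+* Create a form to create or edit a User entity.
+*
+* @param string $type Might be NewUserType or UserType
+* @param User $user The new / edit user
+* @param Request $request The request
+*
+* @return FormInterface
+*/
+private function createEditForm($type, User $user, Request $request)
+{
+$form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user);
+$form->handleRequest($request);
+
+// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
+if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
+$form->get('googleTwoFactor')->setData(true);
+}
+
+return $form;
+}
+
+/**
+* Handle OTP update, taking care to only have one 2fa enable at a time.
+*
+* @see ConfigController
+*
+* @param FormInterface $form
+* @param User $user
+*
+* @return User
+*/
+private function handleOtp(FormInterface $form, User $user)
+{
+if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+$user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
+$user->setEmailTwoFactor(false);
+
+return $user;
+}
+
+$user->setGoogleAuthenticatorSecret(null);
+
+return $user;
+}
 }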
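Review bot: In handleOtp (last hunk) the early-return branch only covers "checkbox checked AND Google 2FA not yet enabled", so a user who already has Google 2FA enabled falls through to `$user->setGoogleAuthenticatorSecret(null)` on every save of the edit form — and createEditForm pre-ticks that checkbox for exactly those users, so a plain admin edit silently turns their second factor off unless isGoogleAuthenticatorEnabled() is meant to mean something other than "a secret is set" (the `@see ConfigController` may hold the intended semantics; worth checking it matches). The secret should be cleared only when the checkbox is unchecked, and an existing secret kept when it is checked; the email flag still gets cleared in the checked case so the "one 2FA at a time" rule from the commit message holds. Separately, `$form->get('googleTwoFactor')` throws an OutOfBoundsException if the form type does not declare that field — if the field is conditional on the `twofactor_auth` parameter that the template receives, guard with `$form->has('googleTwoFactor')` in both createEditForm and handleOtp.
```php
private function handleOtp(FormInterface $form, User $user)
{
    if (true === $form->get('googleTwoFactor')->getData()) {
        // keep an existing secret; only generate one when Google 2FA is being turned on
        if (false === $user->isGoogleAuthenticatorEnabled()) {
            $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
        }
        // only one 2FA method may be active at a time
        $user->setEmailTwoFactor(false);

        return $user;
    }

    // checkbox unchecked: disable Google 2FA
    $user->setGoogleAuthenticatorSecret(null);

    return $user;
}
```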